HBase issue HBASE-14865

Support passing multiple QOPs to SaslClient/Server via hbase.rpc.protection


Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2.0.0
    • Component/s: security
    • Labels: None
    • Hadoop Flags: Reviewed
    Release Note

      With this patch, hbase.rpc.protection can take multiple comma-separated QOP values. The accepted QOP values remain unchanged: 'authentication', 'integrity', and 'privacy'. Either the server or the client can use this configuration to state its preferences (in decreasing order) while negotiating the QOP.
      This feature can be used to upgrade or downgrade the QOP in an online cluster without compromising availability (i.e. without taking the cluster offline). For example, to change the QOP from A to B, the typical steps would be:
      "A" --> "B,A" --> rolling restart --> "B" --> rolling restart

      Sidenote: Based on experimentation, the server's preference order takes precedence over the client's. I.e. if the server's choices are "A,B,C" and the client's choices are "B,C,A", both A and B are acceptable, but A is chosen.

    Description

      Currently, hbase.rpc.protection can be set to exactly one of authentication/integrity/privacy. That value is used to set javax.security.sasl.qop in SaslUtil.java.
      The problem is that a cluster which wants to switch from one QOP to another has to take downtime. A rolling upgrade creates a situation where some nodes have the old value and some have the new one, which prevents any communication between them. Clients trying to connect run into the same issue.

      javax.security.sasl.qop can take a list of QOPs in preference order, so a transition from qop1 to qop2 can be done like this:
      "qop1" --> "qop2,qop1" --> rolling restart --> "qop2" --> rolling restart

      hbase.rpc.protection needs to change to accept a list too.
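
      The negotiation rule from the release note and the transition plan above, as an added example that is not HBase code: a small model that assumes what the release note states (the server's preference order decides, and any QOP listed by both sides is acceptable) and checks that every old/new mix of nodes during a rolling restart can still agree on a QOP. Function names are the example's own.

```python
# Added example (not HBase code): a model of the QOP negotiation and the
# rolling-restart transition described in HBASE-14865. It assumes what the
# release note states: the server's preference order decides, and any QOP
# listed by both sides is acceptable. Function names are the example's own.

ACCEPTED_QOPS = ("authentication", "integrity", "privacy")


def parse_protection(value):
    """Split an hbase.rpc.protection value such as "privacy,integrity" into an
    ordered preference list, rejecting tokens outside the accepted set."""
    qops = [token.strip() for token in value.split(",")]
    bad = [q for q in qops if q not in ACCEPTED_QOPS]
    if bad:
        raise ValueError(f"unknown QOP value(s) {bad} in {value!r}")
    return qops


def negotiate(server_value, client_value):
    """Return the QOP a connection ends up with, or None when the two sides
    share no QOP (SASL setup fails, so the connection cannot be established)."""
    client_qops = parse_protection(client_value)
    for qop in parse_protection(server_value):  # server order wins
        if qop in client_qops:
            return qop
    return None


def stays_connected(config_steps):
    """Check a sequence of configuration values applied by rolling restart.
    Between two consecutive steps some nodes still run the old value and some
    already run the new one, so every old/new mix must still negotiate a QOP."""
    for old, new in zip(config_steps, config_steps[1:]):
        for server, client in ((old, new), (new, old), (new, new)):
            if negotiate(server, client) is None:
                return False
    return True


def rolling_transition(start, target):
    """The plan from the description: start -> "target,start" -> target."""
    return [start, f"{target},{start}", target]


if __name__ == "__main__":
    print(negotiate("authentication,integrity,privacy",
                    "integrity,privacy,authentication"))  # authentication
    print(stays_connected(rolling_transition("authentication", "privacy")))  # True
    print(stays_connected(["authentication", "privacy"]))  # False: direct switch
```

      The last call shows why the intermediate "target,start" step is needed: switching the value directly leaves old and new nodes with no common QOP during the restart.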

      Attachments

        1. 14865-master-v7.patch (70 kB, Ted Yu)
        2. HBASE-14865-branch-1.patch (70 kB, Apekshit Sharma)
        3. HBASE-14865-master-v7.patch (70 kB, Apekshit Sharma)
        4. HBASE-14865-branch-1.2.patch (70 kB, Apekshit Sharma)
        5. HBASE-14865-branch-1.patch (70 kB, Apekshit Sharma)
        6. HBASE-14865-master-v6.patch (70 kB, Apekshit Sharma)
        7. HBASE-14865-master-v5.patch (71 kB, Apekshit Sharma)
        8. HBASE-14865-master-v4.patch (71 kB, Apekshit Sharma)
        9. HBASE-14865-master-v3.patch (70 kB, Apekshit Sharma)
        10. HBASE-14865-master-v2.patch (71 kB, Apekshit Sharma)
        11. HBASE-14865-master.patch (67 kB, Apekshit Sharma)

      People

        Assignee: Apekshit Sharma (appy)
        Reporter: Apekshit Sharma (appy)
        Votes: 0
        Watchers: 11
